“Every cloud conversation should be also a security conversation,” says Anna Van Wassenaer, Cloud Business Development Leader, Europe, for IBM Security Services.Abhijit Chakravorty, Partner & Cloud Security Competency Leader for IBM Security,

Training with Chaos Engineering

Aug 26th, 2020 32m 23s

"The idea of chaos engineering is essentially to help test resilience before an accident happens," says Itzik Kotler, co-founder and CTO of SafeBreach. Kotler joins Matthew Dobbs, Chief Integration Architect for the IBM Security Command Cente

Time Is (Still) Money and Other Findings from the 2020 Cost of a Data Breach Report

Aug 6th, 2020 24m 22s

What are the top findings from the Cost of a Data Breach Report 2020? Charles DeBeck, a cyber threat intelligence expert with IBM X‑Force IRIS, talks about what drives costs higher for some organizations. "We observed a growing divide between o

Security Highlights from IBM Think Digital 2020

Jul 30th, 2020 15m 18s

The threat landscape has changed as a result of the global pandemic. What does that mean for organizations and their employees? How can leaders "manage through chaos" successfully? Hosts Pam Cobb and David Moulton reflect on these questions by

Contextualizing Zero Trust

Jul 9th, 2020 27m 5s

As digital transformation accelerates, so does the importance of verification. "I think it's become more important right now to ensure the right person has access to the right data and apps at the right time under the right circumstances," says

Recent Activity from ITG16, a North Korean Threat Group

Jul 2nd, 2020 18m

"APT groups jump at the chance to take advantage of people's emotions," says Ryan Castillo, an analyst on the threat hunt and discovery team within IBM X‑Force IRIS. One such advanced persistent threat (APT) group has recently been detected min

Consumer Identity and Access Management (CIAM): Reducing Friction Without Reducing Security

May 12th, 2020 25m 27s

If you introduced yourself at a dinner party and a short time later the host forgot your name, maybe you'd be confused and a little frustrated. The same goes for consumers when interacting with a brand, signing up or verifying their identity. "

Exploring the Impact of the ITG08 Threat Group

Apr 7th, 2020 27m 3s

ITG08, which shares overlap with the group FIN6, is a financially motivated threat group known for currently targeting e-commerce platforms. Chris Caridi from IBM's Threat Intelligence Production Team and Ole Villadsen from the Threat Hunt and

Creating AI Without Bias

Mar 17th, 2020 35m 54s

Human beings have inherent biases. That's all the more reason to make an effort to be "consciously unbiased" when developing artificial intelligence (AI). "When we build AI technology for mission-critical applications like security...we don't g

Current Trends In The Threat Intelligence Landscape

Feb 11th, 2020 32m 54s

Every year, IBM Security releases the X-Force Threat Intelligence Index. When asked what finding surprised him most from the 2020 report, Charles DeBeck, senior cyber threat intelligence researcher, highlighted OT security. "We saw threat actor

Verify To Simplify: Demystifying Zero Trust

Jan 28th, 2020 34m 38s

Nearly a decade ago, Forrester championed the concept of "Zero Trust." Fast forward to today, and the industry is seeing a confluence of technology and strategy that has pushed Zero Trust from the theoretical realm into the practical.In brief

Gender Diversity in Security

Dec 17th, 2019 30m 30s

"It's work to put together and come up with a diverse panel," co-host Pam Cobb observes about her work in the cybersecurity industry. "And diversity here is not just male and female. It is backgrounds and ways of thinking, and all of the differ

Cyber Resilience for State and Local Governments

Nov 12th, 2019 27m 47s

"State and local governments’ IT infrastructure is currently in a state of what we would call transformative change...making information technology now a primary medium for citizens to interact with their local government," explains Claire Zabo

Ransomware and Operating Under Maximum Pressure

Oct 15th, 2019 32m 12s

Recovering from a ransomware attack isn't like paying your electric bill; there's no guarantee that the lights suddenly come back on. How, then, should organizations like municipalities and hospitals plan to remediate in the case of a ransomwar

Cloud Security and the Road to Transformation

Sep 10th, 2019 35m 5s

Cloud is not the ultimate destination; it's the path to an end goal. "The idea of cloud is to get you a modern architecture," says Vikram Chhabra, who leads product management for IBM Security Services with a focus on cloud and infrastructure s

Are You Prepared to Respond to a Destructive Malware Attack?

Aug 6th, 2019 37m 39s

What’s the difference between a destructive attack and a traditional breach? “Destructive malware is malicious software that has the capability to render an effective system inoperable and also challenges reconstitution,” explains Charles DeBec

Adapting to Evolving Data Privacy Regulations

Jul 30th, 2019 25m 37s

As regulations such as GDPR and CCPA go into effect around the world, organizations are seeing the impact of data privacy laws on their businesses. As recent headlines show, fines are one possible impact, but they shouldn't be the only impetus

What Factors Contribute to the Cost of a Data Breach?

Jul 23rd, 2019 29m 14s

On average, according to the 2019 Cost of a Data Breach Report, it takes 279 days to contain a data breach, up from 266 days last year. "I think it's true we're getting better identifying data breaches," says Dr. Larry Ponemon, chairman and fou

The Evolving Security Operations Center

Jul 16th, 2019 36m 30s

"I think we've really seen the concept of a SOC grow and evolve over the past 10 years or so," says Emma Bickerstaffe, Senior Research Analyst at the Information Security Forum. As your business and the threat landscape change, how do you keep

Reducing Third Party Risk

Jun 25th, 2019 34m 58s

"We, as CISOs, and as risk management practitioners, and as risk executives, have to be aware that a risk rating vendor isn't the entire answer to our risk posture," says Shamla Naidoo, a Managing Partner at IBM Security who was most recently t

Development Agility and Open Source Vulnerability Prioritization

Jun 18th, 2019 29m 35s

"Open source is increasingly being acknowledged as an indispensable means for promoting and driving innovation," says Rami Elron, Senior Director of Product Management at WhiteSource. But at the same time, there's been a proliferation in open s

Lateral Movement: Combating High-Risk, Low-Noise Threats

Jun 11th, 2019 30m 31s

"What I like to tell people is that when you have one computer that's infected, that's annoying," says Charles DeBeck, a member of IBM Security's Threat Intelligence Production team. "When you have 1,000 computers that's infected, that's a prob

Travel Security: Why Data Safety Doesn't Get a Day Off

May 28th, 2019 20m 41s

Sunscreen? Check. Boarding pass? Got it. The resolve not to connect to the airport WiFi? Getting there. This summer, add cyber hygiene best practices to your travel checklist. Caleb Barlow, Vice President of X-Force Threat Intelligence for I

Lessons from a Gray Beard: Transitioning from the Military to Cybersecurity

May 14th, 2019 35m 38s

With thirty years of experience in the military, JC Vega now shares his experiences as a "gray beard" in the role of a cyber range coach. When asked about transitioning from the military to cybersecurity, JC offers advice that applies across fi

Foundations for a Winning Operational Technology (OT) Security Strategy

May 7th, 2019 22m 14s

Conversations about operational technology (OT) security have been bubbling up more and more, and justifiably so. The term may not be as well known as it should be — or even entirely settled upon yet — but the consequences of risk in operationa